Search Google Appliance

Information Technology

How to Prevent Data Security Incidents- Information for IT Administrators

Note: Under a new university-wide contract, Sophos Intercept X Advanced is replacing McAfee endpoint protection at UMass Amherst. More information will follow.
For questions, contact the IT professional in your department as applicable, or IT User Services.


UMass Amherst IT currently offers departments several tools that can help protect computers and data, and mitigate potential data security incidents.

Spirion to Locate Sensitive Data

Spirion is an application that locates sensitive data (a.k.a. personally identifiable information - e.g., Social Security Numbers, credit card numbers, etc.) on desktops, laptops, servers, and other media.

Ideal for:

  • Keeping an accurate inventory of sensitive data stored on departmental computers.
  • Locating personally identifiable information in case of data security incidents.
  • Removing sensitive data when no longer needed.

How to Use: Scans can be scheduled. Scan results can be sent to a central console where you can see the status of all your devices.

System Requirements: Spirion is supported for Windows 7, Windows Vista, XP with Service Pack 1 (SP1) or higher, Windows 2000 Professional/Server with Service Pack 3 (SP3) or higher, or Windows Server 2003/ 2008. The Mac Edition requires Mac OS X versions 10.5 and higher on Intel based hardware platforms.

How to Obtain: Download the installation files from our Identity Finder page (on-campus downloads only).

Cost: Free

Resources: Spirion Web site

Secunia CSI to Manage Third-Party Applications

Secunia Corporate Software Inspector (CSI) is an application that checks for vulnerable programs and provides direct links to relevant patches and updates.

Ideal for:

  • Identifying vulnerable or outdated third-party applications.
  • Patching and updating third-party applications.

How to Use: The centralized dashboard shows the status of individual devices.

System Requirements: The centralized dashboard is available for Windows XP, 2003, 2008, Vista, and 7. Secunia CSI is not available for Mac OS X.

How to Obtain: Contact UMass Amherst IT LAN Support (lansupport@it.umass.edu) for a departmental license.

Cost: Free

Resources: Secunia CSI Web site

McAfee ePO for Centralized Security Scans

McAfee ePolicy Orchestrator (ePO) is a centralized system for managing McAfee scans for multiple computers or networks.

Ideal for:

  • Identifying viruses, malware, or other malicious software on departmental computing devices.
  • Receiving email alerts when malware or other threats are detected.

How to Use: Supports integration with Microsoft Active Directory. Queries, dashboards, reports, and tasks can be customized to fit your department's workflow. Issues can be remediated from a single user interface.

System Requirements: Windows Server 2003 Enterprise, Standard or Web with SP2 or later, Windows Server 2003 R2 Enterprise or R2 Standard with SP2 or later, Windows Server 2008.

How to Obtain: Contact UMass Amherst IT LAN Support (lansupport@it.umass.edu) for a free departmental license. Licenses are available for individual computers or servers.

Cost: Free

Resources: McAfee ePolicy Orchestrator Web site

IBM ISS Firewall to Manage Network Traffic

IBM ISS Firewall is a Windows firewall solution that integrates IPS functionality and allows management and reporting through a central console.

Ideal for:

  • Blocking unwanted network traffic.
  • Detecting and preventing malicious network attacks.

How to Use: A central console offers easy management and reporting capabilities.

System Requirements: Windows XP i386, Windows Vista i386. Windows Server 2003 i386/x64, Windows Server 2008 i386/x64 (Server 2008 R2 is not supported).

How to Obtain: Contact UMass Amherst IT LAN Support (lansupport@it.umass.edu).

Cost (subject to change):

  • Individual computers: $14.11 per computer for the first year (includes maintenance); $2.50 per computer for subsequent years.
  • Servers: $653.06 per server for the first year; $129 per server for subsequent years.

Vulnerability Scanning to Prevent Network Attacks

UMass Amherst IT offers departments two types of vulnerability scanning:

  • On-demand scans for departmental networks.
  • Scans for individual departmental devices (high-value assets only). These scans are available through a third-party scanning company and cannot be requested on a recurring basis.

How to Obtain: Contact security@umass.edu for more information.

Cost: Free